At D360 bank we are committed to protecting our customers personal and financial information and place all the necessary and required security measures to secure all online transactions. We want to ensure that D360 bank customers have the proper reference and guide to the latest cyber security threats and risks, and how to implement simple security steps to create an extra layer of protection against potential security threats and attacks.
Passwords are considered the first line of defense against unauthorized access to our devices and personal information. The stronger the password the more we can protect our online accounts from hackers and malicious attacks.Security Tips:
- Keep your password private and never share it with anyone. Remember, Our D360 bank representatives will never ask for your user credentials.
- Enable multi-factor authentication (MFA), to add an extra layer of security to your accounts.
- Avoid using personal information such as your name, pet’s name, or birthday in your password.
- Use long and complex passwords that are difficult for others to guess but easy for you to remember.
- Never reuse the same password across multiple accounts.
- Change your passwords regularly, for example every 90 days.
- Create strong passwords that include a mix of upper- and lower-case letters, numbers, and special characters like @ #? >].
- Avoid sharing your password through email or online direct messages.
- Remember, passwords are our first line of defense against unauthorized access, and it’s up to us to keep them safe.
Social engineering is the act of malicious manipulation accomplished through social or computer-based interaction. It can come in many forms with the sole intent of stealing sensitive and personal information for financial gain.Example types of Social Engineering and tactics used:
- Whaling: is a targeted phishing attack aimed at senior executives masquerading as a legitimate email designed to encourage victims to perform a secondary action [ such as initiating a wire transfer of funds].
- Spear phishing: is a targeted phishing attack aimed at a category of individuals with a unnoticeable profile.
- Vishing: is a form of phishing that uses fraudulent practice of making phone calls or leaving voice messages claiming to be from a trustworthy entity for individuals to reveal personal information.
- Smishing: is a form of phishing that uses mobile phones as the attack platform. It is implemented through text messages or SMS.
- Email Phishing: is the most common type of phishing. Hackers send malicious emails to any email address they can obtain.
- Spoofing: is a situation in which a person or program successfully identifies as another by falsifying data, to gain legitimate advantage.
- Be cautious about opening email attachments from unexpected or unknown senders.
- Watch out for urgent or deadline-driven requests that may be suspicious.
- Delete SMS messages that contain links to suspicious or unknown sites.
- Keep your antivirus and anti-malware software up to date.
- Remember that even official-looking emails or websites can be spoofed, so be careful when clicking on links or providing personal information.
Email and Online Security
Emails are considered one of the most important means of communication in the workplace and in our personal lives. We need to make sure that all information is securely and safely shared online. In addition to implementing email and online security best practices.Security Tips:
- Stay safe by never using public computers/devices (such as those at cafes or airports) to log in to your online accounts, especially bank accounts.
- Think twice before clicking on any link or file, as it could be malicious.
- If you receive a suspicious link, hover your mouse over it to see the address on your computer or tap and hold on the link on your mobile or tablet to see the link URL.
- Be aware of shoulder surfers who might try to steal your sensitive information while you work remotely or access your online bank account in public spaces.
- Protect your personal information by disabling the ‘auto complete’ function in your browser.
- Ensure that websites used for online shopping are secure and trustworthy.
- Safeguard your wireless network to prevent unauthorized access.
- Reduce your risk by avoiding saving your credit card information when purchasing online.
Mobile and Application Security
We must ensure to set our mobile devices operating system like Android, iOS, Windows and installed applications to automatic update. As it will have a substantial impact in protecting our devices from malware and viruses.Security Tips:
- Make sure to download D360 bank mobile application from official app stores announced by D360 bank official channels
- Ensure your mobile devices are up to date by setting the operating system updates to automatic updates.
- Know your applications by reviewing and understanding the details of an application before downloading it.
- Applications may request access to your location and personal information and control what information you want the application to share or transmit.
- Delete any applications that you do not use regularly to increase your security.
- Always Sign-out from your D360 bank account once you complete your session
- Install anti-virus software on your devices and keep it updated.
Multi-factor Authentications (MFA) and One-time-passwords (OTP)
MFAs and OTP are the necessary coat of security to validate and authenticate that you are legitimately accessing your account for example: email, bank account, social media...etc.) and it has not been compromised.Security Tips:
- Enable Multi-Factor Authentication (MFA) on your online accounts such as (iCloud, social media accounts, email, government accounts)
- A representative from D360 bank will never ask you to provide them with your one-time-password (OTP) for any sort of transaction.
- Make sure to thoroughly read the message sent to you that has an OTP. Attackers can impersonate a legitimate entity (e.g., bank) and ask you to provide the OTP sent and get access to your device.
- Never respond to OTPs from unknown numbers sent via SMS’s
Are committed via the internet by cyberattacks. It uses forms of social engineering to illegally acquire and leverages people’s or business sensitive information for monetary gain by using spam, scams, spyware, identity theft.Security Tips:
- Protect and secure your most sensitive files such as financial records, make regular backups for all your important data and store them in a secure location.
- Be cautious when giving out sensitive information such your name, address, and national ID via the phone or online.
- Be aware of phishing scams
- Regularly update your devices to avoid falling victim of spyware, ransomware.
- Avoid saving your credit card information when purchasing online
Social Media Security
Geotagging your location, sharing personal information, having a weak password that is identical to your other accounts. Attackers can easily steal your information for malicious use.Security Tips:
- Make sure your social media account is set to private.
- Regularly review and understand your social media privacy permissions and settings.
- The more you post about yourself, the easier it might be for someone to use the information you post to access your accounts, steal your identity, and more.
- Lookout for spoofs of your account.
- Pay attention to fake giveaways announced in suspicious and unknown accounts
- Avoid clicking on links shared on your direct messages or on suspicious/fake accounts
- Don’t respond to suspicious messages announcing you have won a prize such as: monetary, all paid vacation, etc. and requesting your personal information.
- Always report and block suspicious and fake accounts using the platforms reporting channel.